[$70] Only admins should be able to update actualStartDate and completionDate of milestones

Currently, all the users can update `actualStartDate` and `completionDate` of milestones. We should limit users who can update them, so only user with [admin roles](https://github.com/topcoder-platform/tc-project-service/blob/feature/update_timeline_in_ES_milestones_cascade/src/constants.js#L47) can update them.

For checking permissions we can reuse method [hasPermission](https://github.com/topcoder-platform/tc-project-service/blob/feature/update_timeline_in_ES_milestones_cascade/src/util.js#L757) without providing the third argument, like this:
```js
hasPermission({topcoderRoles: ADMIN_ROLES}, req.authUser)
```

We also have to write at least 4 unit tests which wold validate that:
1. non-admin users cannot update `actualStartDate`
2. non-admin users cannot update `completionDate`
3. admin users can update `actualStartDate`
4. admin users can update `completionDate`

Ref: https://github.com/appirio-tech/connect-app/issues/3210

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[$70] Only admins should be able to update actualStartDate and completionDate of milestones #381

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[$70] Only admins should be able to update actualStartDate and completionDate of milestones #381

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions